Server emits specific error in case the requests's Content-Type is not properly set

bad853a1 · Leon · David Venhoek · 3d1f7cde · bad853a1
Commit bad853a1 authored Feb 04, 2020 by Leon Committed by David Venhoek Mar 03, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 3 deletions

server/requestorserver/server.go server/requestorserver/server.go +6 -3

No files found.
--- a/server/requestorserver/server.go
+++ b/server/requestorserver/server.go
@@ -312,9 +312,12 @@ func (s *Server) handleCreate(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if !applies {
-		s.conf.Logger.Warnf("Session request uses unknown authentication method, HTTP headers: %s, HTTP POST body: %s",
-			server.ToJson(r.Header), string(body))
-		server.WriteError(w, server.ErrorInvalidRequest, "Request could not be authorized")
+		if r.Header.Get("Content-Type") != "application/json" {
+			server.WriteError(w, server.ErrorInvalidRequest, "Content-Type is not \"application/json\"")
+			return
+		}
+		s.conf.Logger.Warnf("Session request uses unknown authentication method, HTTP headers: %s, HTTP POST body: %s", server.ToJson(r.Header), string(body))
+		server.WriteError(w, server.ErrorInvalidRequest, "Request could not be authenticated")
 		return
 	}